/srv/irclogs.ubuntu.com/2016/05/04/#ubuntu-server.txt

Housedoes anyone have 16.04, sssd+AD & autofs mounting smb shares working? i've got ssh, login, /home/AD/user folder creation, & sudo. smbclient works with password, but not with -k and auto.smb is failing for the same reason.  any suggestions on troubleshooting kerberos tickets?01:45
lunaphytewhat am i doing wrong here? http://dpaste.com/345PZV6.txt02:48
k2gremlinHello all. I am trying to add monitoring to a plex server. PlexPy is functional if I manually launch the file. However, I am trying to get it to run as a daemon using this guide. https://github.com/drzoidberg33/plexpy/wiki/Install-as-a-daemon Followed the Ubuntu section but when I attempt to start the service, it tells me failed to start no such file or directory..02:52
tarpmanlunaphyte: what would "right" look like? is /topic applicable?02:54
lunaphytetarpman: ah, thanks.  yes, it is03:00
lunaphyteinteresting.  has that always been like that?  i seem to remember it wasn't03:01
lunaphyteindeed - do-release-upgrade -d reveals an upgrade03:02
John[Lisbeth]I am doing a dist-upgrade on my vm. Teeming with excitement as this is my first dist-upgrade03:55
sarnoldJohn[Lisbeth]: are you intending to use it to upgrade to a new release?03:55
John[Lisbeth]yeah and I kind of already typed it03:55
sarnoldoops03:56
John[Lisbeth]lol03:56
John[Lisbeth]oh well this is just a throw-away vm anyway03:56
sarnolddo-release-upgrade does a significantly better job :)03:56
John[Lisbeth]Yeah I forgot that one03:56
sarnoldgranted I use dist-upgrade daily on my systems, but that'sjust to upgrade from day to day.. not jumping releases03:57
John[Lisbeth]well this will be a good learning experience for me then03:57
John[Lisbeth]This is just a sort of mainframe I use so my cs peers and I can get into repls03:57
=== athairus is now known as afkthairus
heftighow usable is LVM's integrated RAID?08:39
heftigI would prefer being able to select mirroring/striping per LV08:40
=== chmurifree is now known as chmuri
norcHi. What is the defined behaviour of Ubuntu when no more memory can be allocated?10:28
hateballflush cache or start swapping, depending on how you've set vm.swappiness10:28
hateballif everything is full, crash :D10:29
norchateball: I find that hard to believe that the operating system would crash.10:29
norcThat would allow any application to straight crash the server by just malloc'ing until the server runs out.10:29
ogra_it calls OOM and starts killing processes10:29
heftigs/crash/sacrifice a random process/10:29
hateballWell, yea10:29
norcRandom? Or is there some algorithm for selection?10:29
ogra_random usually10:29
heftigYes, memory hogs are targeted first10:30
ogra_there are ways to hand an oom_score value to apps10:30
heftigEach process also has an attribute that modifies its likeliness to be picked10:30
heftigoom_killer_something10:30
maswantypically though, on a normal server, it is time to reboot after you've found the oom killing stuff10:30
heftigOr oom_score_adj or something like that10:31
norcAh. Im guessing the amount of memory used is also a factor, so that memory hogs will be killed first unless that oom_score gives it some priority, right?10:31
ogra_well ... there are systems that use this as a feature ;)10:31
ogra_like android10:31
maswanyeah, thus my weasel words in the beginning. :)10:31
heftigAndroid uses the oom killer?10:32
heftigI thought the termination of paused background processes was at user level10:32
ogra_yep10:32
ogra_they patch it and call it lowmemory_killer though ...10:32
ogra_and yes, there is userspace involved too10:32
ogra_on a very low end server like an IoT device such a feature might actually even make sense :)10:33
ogra_(system reliability over app availability)10:34
heftigWell, those devices usually have relatively constant memory use10:35
ogra_yet :)10:37
ogra_just wasit til you can install a spotify proxy and owncloud on your heating controller which is also your NAS and wlan router ;)10:37
heftigWell, I would have it so potentially memory intensive/dynamic tasks in sequence10:38
heftigIt do potentially10:38
ogra_in the above case you would want the heating and wlan serivices to be highly available and very fail ... while the others are possible to be killed10:43
patdk-lapyes, very annoying, when your are running like a database server, and some other program start eating ram, and OOM kills your database11:00
ogra_uh ... s/fail/failsafe/ :P11:03
=== deadnull_ is now known as _deadnull
=== _deadnull is now known as deadnull_
OlofL_anyone setup nxfilter here?14:04
spm_dragetIs this a known bug that phpmyadmin package fails to run because it is missing php-mbstirng and php-gettext packages? http://askubuntu.com/questions/760567/phpmyadmin-missing-mbstring-extention-ubuntu-16-0414:11
spm_dragetWas there an update from <mysql-5.7 to mysql-5.7 on the ubuntu 16.04 release!?14:30
fricklerspm_draget: yes14:39
fricklerpretty late in the cycle I think with some fallout like https://bugs.launchpad.net/ubuntu/+source/percona-xtradb-cluster-5.6/+bug/157450914:40
ubottuLaunchpad bug 1574509 in percona-xtradb-cluster-5.6 (Ubuntu) "mysqladmin-5.7 fails to set password for percona-xtradb-cluster-server-5.6" [Undecided,New]14:40
rbasaknacc: see http://askubuntu.com/questions/760567/phpmyadmin-not-working-due-to-missing-mbstring-extention from above. Should phpmyadmin be listing dependencies there?14:40
spm_dragetI thought it was feature-freeze a few weeks before release.14:40
spm_dragetIt blew my jira/confluence installation, too. Meh!14:41
tewardspm_draget: there are cases where some things can be slipped past FeatureFreeze in some cases - this was one of them14:42
tewardunfortunately14:42
teward(in your case)14:42
spm_draget*sighs* Oh well. Tomorrow is a day off. Good day to fix things :)14:43
naccteward: yeah, i guess based upon the linked to question from there, phpmyadmin already depends on php-gettext, but i guess needs a dep on php-mbstring15:12
naccteward: so i'm guessing that at least in one case, they installed from source (as the packaging wouldn't have allowed the former not to be installed)15:15
* teward was pinged?15:21
tewardoh15:21
naccteward: there are already two bugs for the same (mbstring) issue15:23
tewardnacc: probably should cc/ping rbasak who poked on it ;P15:23
tewardnacc: but yes this is one of those times where this type of thing blows up :P15:23
naccrbasak: want to upload the fix from LP: #1577482 ? I guess his versioning is off (probably for a PPA upload)15:25
ubottuLaunchpad bug 1577482 in phpmyadmin (Ubuntu) "PHPMyAdmin requires mbstring" [Low,New] https://launchpad.net/bugs/157748215:25
tewardnacc: if it depends on mbstring then yes it should probably get that dep update - both in Yakkety and Xenial if SRU-able15:26
tewardbut i leave that to you and rbasak, my php focus extends to about the default conf of nginx :P15:26
tewardoh and any php services I run but meh15:26
tewardthanks to Landscape, deployment scripts are fun xD15:27
* teward has a "Install PHP 7.0 with all necessary deps" script to push to Xenial boxes :P15:27
teward(adds mbstring and gettext to the list)15:27
naccrbasak: made quite a bit of progress yesterday! the code is all there now, but have to debug why merges aren't quite working (i think it's mostly a mistake on my part with gitpython)15:50
rbasaknacc: sounds good!15:54
rbasaknacc: re bug 1577482, I'm happy to sponsor that, but do you need to send upstream?15:57
ubottubug 1577482 in phpmyadmin (Ubuntu) "PHPMyAdmin requires mbstring" [Low,Confirmed] https://launchpad.net/bugs/157748215:57
naccrbasak: actually, for yakkety we should sync and selectively backport the same deps (as i think it also migh tneed php-xml) to 16.0416:01
rbasaknacc: that sounds reasonable. Are you happy for me to sponsor the sync?16:04
rbasak(as in - have you confirmed that it's correct?)16:04
naccrbasak: yeah, i'm filing the bug now -- one sec16:04
naccrbasak: so i believe we can sync, i'll finish that in a `requestsync` bug and subscribe you, but from an ease-of-use perspective, we may want to consider reverting parts of this in the Y cycle: http://anonscm.debian.org/cgit/collab-maint/phpmyadmin.git/commit/?id=80a81e7915ee35cd27f8521a314812f3f38bc9ff16:14
naccrbasak: as, by default, phpmyadmin won't require the apache module, which i think will violate the principle of least surprise for many users?16:14
nacci guess it will prefer fpm by default, (via php -> php7.0 -> php7.0-fpm)16:15
rbasaknacc: sorry, I don't follow.16:15
rbasakYou want to sync but then revert something that is in the thing that we synced?16:15
naccrbasak: i think debian made it less user-friendly16:15
naccrbasak: and ubuntu is supposed to be the nicer debian :)16:15
naccrbasak: it's unrelated to our delta16:16
naccrbasak: they removed the OR'd deps on libapache2-mod-php7.0 (and i believe dep resolution will take the first one if possible?, I forget the rule)16:16
rbasakYeah, first possible.16:17
rbasakWill that do the wrong thing on Ubuntu? Or otherwise, how is it less user-friendly?16:18
naccright, so i think (i'm verifying this in lxc right now) that `apt-get install phpmyadmin` in 16.04 will install libapache2-mod-php7.0, but in Debian (and if we sync in Yakkety) will install php7.0-fpm. So maybe not less user-friendly, but less expected potentially16:18
rbasakOh, because it depends on just php now, and not the specific ones?16:20
naccrbasak: right, i dont' know why debian didn't do 'Depends: libapache2-mod-php | php-cgi | php-fpm | php16:21
naccrbasak: hrm, i guess something else pulls in apache, so never mind! :)16:22
rbasaknacc: I guess Debian doesn't want to choose? Ondrej prefers fpm I believe anyway?16:22
naccrbasak: yeah, that's probably why16:23
naccrbasak: ok, so that's all my point was -- we'd be making the "default" for phpmyadmin fpm, which would be a behavior change to end-users16:23
rbasaknacc: I think it's worth considering whether we want to maintain a delta for this.16:23
sdezielteward: just looked at your paste (https://paste.ubuntu.com/16208886/) and in addition to using the "service" wrapper, I'd recommend calling "upgrade" on nginx so that you don't incur any downtime16:23
rbasakHow much are we prepared to maintain phpmyadmin in Ubuntu? I understand that we needed to do this for the transition, but what about on an ongoing basis?16:24
tewardsdeziel: s/upgrade/update/16:24
tewardsdeziel: bit late, though, i already ran the script during the scheduled maintenance window on my servers (all of them) last night16:24
naccrbasak: ideally not at all, meaning i'd rather we sync now and see what the fallout is ... it would only be in fresh installs of 16.10, afaict16:24
rbasakOK. That sounds fine to me.16:24
naccrbasak: and it's an easy adjustment in the control file if people don't like it16:24
sdezielteward: no, I really meant to say "service nginx upgrade" ;_16:24
tewardsdeziel: heheh16:25
sdezielteward: that's the cool binary pivot thing :)16:25
tewardsdeziel: ah, indeed.16:25
sdezielteward: and I'm sure there will be more security updates requiring httpd restarts in the future16:26
tewardsdeziel: on my servers, though, it was coincided already with an nginx upgrade (PPAs with my own changes lol), so it was still necessary to 'restart' anyways (which is done during the upgrade process and in the postinst)16:26
tewardsdeziel: but you're right, it's why I still have the script on Landscape :)16:26
sdezielteward: why would "upgrade" not work in postinst? Sure it would require a bit more logic but should work IMHO16:27
tewardsdeziel: it may be using 'upgrade' but i'll double check16:28
tewardbeen a while since i stabbed the init and install scripts16:28
sdezielin fact, if the postinst could use "upgrade", I'd stop setting up a /usr/sbin/policy-rc.d before pulling those packages16:28
hallynsmb: sadly i think your adding the Alias=libvirtd complicated upgrade to the new libvirtd.service16:29
sdezielteward: looks like the postinst is redoing the "upgrade" dance on its own: http://paste.ubuntu.com/16220815/16:30
tewardsdeziel: i don't need the code i have it here thanks (remember I constantly poke the package)16:30
tewardsdeziel: you're right - it rolls its own :p16:30
tewardbut it matches the 'upgrade' code16:30
tewardi know there's other processes which 'stop' the thing in some versions, though... maybe I'm thinking the Trusty days16:31
tewardsdeziel: in my case it wouldn't have mattered - the maintenance I had planned included a kernel update on many of my KVM VPSes (and VMware VMs) so that needed some reboots anyways16:32
naccrbasak: sync bug filed and i subscribed you16:32
tewardwhich would have been ultimately the same impact of service stop, service start16:32
tewardbut at a longer timeperiod due to the reboot16:32
tewardsdeziel: ^16:32
sdezielteward: indeed but I was talking more in general16:32
tewardsdeziel: right16:32
sdezielteward: Truty also has the same code dup16:33
tewardsdeziel: *shrugs* then i misread code sometimes, in any case it works as is - i'll update my scripts16:33
tewardsdeziel: note i'm kind of half burned out right now with other things :/16:33
* teward has literally only half of his attention span as of late16:33
smbhallyn, hm ... not intentionally but systemd is makeing things complicated generally (imho)16:33
sdezielteward: it's not like if it was urgent ;)16:34
tewardsdeziel: ;)16:34
* teward yawns16:34
sdezielteward: want me to send a bug your way about it?16:34
tewardsdeziel: for the code duplication?  Send it to Debian first16:36
tewardi'm trying to *reduce* the delta, not add to it :p16:36
sdezielmake sense, will do16:37
tewardsdeziel: 'low' item on the totem pole for Xenial, so it wouldn't land in Xenial unless something else came in that needed some attention16:37
tewardsdeziel: file against src:nginx up in Debian, file in Launchpad, link bugs.16:37
tewardi'll look at it 'eventually'16:38
sdezielteward: that's indeed not SRU worthy16:38
sdezielI'll try to provide a patch in the Debian bug :P16:38
tewardsdeziel: it would probably be implemented in Yakkety at the earliest, Z-series at the latest16:38
sdezielZ-series sounds kinda neat16:38
tewardthe next 'merge' from debian is basically ending up as a "we have to almost start from scratch Debian"16:38
tewardbecause merges.u.c and Merge-o-Matic are breaking things16:39
tewardbasically, keep changelog file from MoM, reapply the existing delta by hand16:39
tewardrbasak: ^16:39
tewardsarnold is also aware16:39
teward(dynamic module support is breaking things!  >.<)16:40
rbasaknacc: sync sponsored. Thanks!16:40
naccrbasak: thank you!16:40
hallynsmb: +116:42
lamontstgraber: you around?16:49
lamontstgraber: would like to chat a bit about bind vs lxd and port 5316:49
stgraberlamont: around-ish, sprinting17:04
lamontyeah17:06
lamontI'm going to dig back to where BIND started listening on every IP instead of just using inaddr-any by default, and thinking that I may just want to change that17:06
lamontI suspect that it was part of the cache-poisoning vs 16-bit ID changes17:07
stgraberdoes that make an actual difference though? whether you bind on everything :53 or [::]:53 nothing else can bind port 53 while you're doing that17:08
lamontbullcrap17:08
lamontif you bind to :53 then someone binding to a particular IP:53 steals all traffic for that IP17:09
lamontinaddr-any says "I'll take the traffic if no one wants it more than me"17:09
* lamont accidentally put postfix in production because of that feature of bind(2)17:10
lamontwow. 19 years ago17:10
stgraberah, well, that's nice then :)17:11
tewardsdeziel: when you file the bug, link me to both the Debian one and the Launchpad one - that way I can track both, though I'll probably do that anyways whether Ig et bug numbers or not heh17:11
Slinglamont: was that in the time when DEBUG on sendmail gave you root?17:12
lamontSling: I don't remember... I had postfix listenin on inaddr_any (to catch 2 ports without having an extra line of master.cf), and sendmail was listening on the production IP... and died.17:13
lamontno one noticed for 2 weeks17:13
lamontthat was back in the alpha days17:13
Slingah sendmail way back used to respond to the DEBUG command and just gave you root like that17:13
Slingcuz why not, internet was for researchers17:13
lamontpast that point17:13
lamontit was definitely after the morris worm17:13
hallynyeah that's much much more than 19 years ago today, isn't it.  how time flies.17:31
lamonttime flies.  you can't: they fly too fast.  <-- thanks for the reminder17:36
lamontand listening on inaddr-any is a somewhat invasive change to bind9. sigh17:50
hallynstill seems to me like a .d directory is the way to go.  though inaddr-any sounds like a duh-why-not17:51
lamontyeah... I'm finding that it might be more straightforward to just teach include some magic on how to handle directories17:53
=== afkthairus is now known as athairus
hallynmaybe once i finish some kernel gorp i'll take a look at implementing that17:54
lamontgit.debian.org//git/pkg-bind/pkg-bind.git <-- hallyn I also need to update the control file once I figure out what the url wants to be ther.17:59
lamonthallyn: anyway, 9.10.3.dfsg.P4-10 is current17:59
lamontsaid fix wanting to be SRUed into xenial (drop python2 dependency)18:00
lamonthallyn: I'd be inclined to check the type of the include file, and if it's a directory, include any file directly in that directory whose name ends in ".conf"18:00
lamontI'd rather not change the syntax of the config file in the least18:01
lamontand with that, lunch date18:01
sdezielteward: https://bugs.launchpad.net/debian/+source/nginx/+bug/1578344 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=82343518:48
ubottuLaunchpad bug 1578344 in nginx (Ubuntu) "code duplication between nginx-*.postinst and init script" [Undecided,New]18:48
ubottuDebian bug 823435 in nginx "code duplication" [Normal,Open]18:48
tewardsdeziel: I would retitle that a little more, expect a retitle from me :/18:52
sdezielnp18:53
jgehey all good afternoon, I have two ubuntu servers running 14.04.1 LTS and OpenSSL OpenSSL 1.0.1f 6 Jan 201419:43
jgehowever, when I do apt-get upgrade, one of them wants to upgrade openssl and the other does not see it19:44
jgeI have only main and security repos enabled19:44
jgesame on both19:44
jgewhat am I missing here..19:44
mdeslaurjge: did you do apt-get update first?19:45
sarnolddo they both have security.ubuntu.com repos listed?19:46
tewardsarnold: i would imply that based on their statement about only main + security enabled on both.19:46
tewardalso good afternoon to you19:47
jgemdeslaur: yep19:48
jgesarnold: yes19:48
mdeslaurjge: what's the result of "apt-cache policy openssl" on the server that doesn't find it?19:48
jgedamnit, I have to keep remembering the usefulness of this command.. looks like it was already upgraded to the version the other is nagging about19:50
jge:)19:50
mdeslaurah, well there you go :)19:50
jgethanks19:52
mdeslauryw19:53
lamonthallyn: +XS-Vcs-Browser: http://anonscm.debian.org/git/pkg-bind/pkg-bind.git19:57
lamont(which will be reflected in -11 :/)19:58
JanCjge: do you have automatic security upgrades enabled on one of them?19:58
sdezielI wonder why HTTPS isn't the default for anonscm.debian.org19:59
lamontbother.  good catch sdeziel19:59
lamontit should have been https in the first place <-- hallyn20:00
RoyKhm... https://launchpad.net/~kernel-ppa/+archive/ubuntu/ppa doesn't seem to work with xenial20:04
hallynlamont: just to be clear - nothing in that git tree implements .d support right?20:08
lamontnothing whatsoever20:08
lamontat least that I'm aware of20:08
sdezielRoyK: that PPA is empty ATM20:09
lamonthallyn: thinking about it, maybe: include "/some/dir/*.conf"; <-- for syntax?20:09
RoyKsdeziel: any idea where I can find upstream kernels without compiling them myself?20:09
sdezielRoyK: https://wiki.ubuntu.com/Kernel/MainlineBuilds ?20:10
RoyKsergey: nothing there about xenial20:12
sdezielRoyK: I'd give that a try http://kernel.ubuntu.com/~kernel-ppa/mainline/daily/current/20:14
RoyKthanks20:15
hallynlamont: it's been too long since i've used bind itself, but something analogous to /etc/network/interfaces.d/*.conf would be nice and unsurprising20:19
lamontyeah... the issue is that the poor config file is structured, and the user will want to be able to inject a "include this directory" snippet into way too many places to predict.20:23
lamontergo, extend the include directive to let them do just that20:24
hallynoh.  heh.  structured.20:26
hallyndon't suppose there is some existing convention for third party sed'ing of the file to add in and remove hunks or file includes?20:27
hallyngrep lxd /etc/bind.conf || sed -i 's/REPLACEME/\0\nskip lxd network\n/' /etc/bind.conf20:28
lamontnot that I know of, though there are probably dozens. :/20:33
lamonthallyn: of course, once we get the grammar, then the config file will grow to include several strtegically placed include statements20:39
hallynyeah <pained grin>20:41
sarnoldteward: it's possible to subscribe to the security pocket on a different server though20:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!